SSH Security

As we know, the security of a server is quite essential as long as it is active. In most cases, a  mistake happens during the initial server set up will lead to a disaster at later period of time. In this post I am trying to prepare a check list for the initial server hardening of a cPanel server.  Preparing a check list and follow it will  ensure the implementation of necessary security settings.

SSH Security

SSH Warning Message

Enable the  default Banner path by modifying the sshd configuration file /etc/ssh/sshd_config . For that open the SSHD configuration file in your favourite editor and then search for the directive “Banner”. By default it will be disabled in most installations, so the entry would look like

#Banner /etc/issue.net

Now remove the comment tag and specify the banner file, by  the common practice is to use /etc/issue , however you can use your own file.  Now the entry would look like

Banner /etc/issue

Check whether the file exists. If so edit it with the warning message. Otherwise create or open the file /etc/issue add the warning message.

I use the following one. You can use your own content to make the warning

###############################################################

Authorized access only!

# Disconnect IMMEDIATELY if you are not an authorized user!!! #

# All actions Will be monitored and recorded #

# Unauthorized access is forbidden and will be prosecuted by law #

###############################################################

Once the file is saved, we need to restart the service. Use the following command to restart SSHD

/etc/init.d/sshd restart

Once it is restarted, ensure that the message pops up for all SSH access.

Revisions

There are no revisions for this post.

Tags: , , , ,

No comments yet.

Leave a Reply